Thursday, June 8, 2017

CompTIA Security+ Terms to Remember: Chapter 2

Control Implementation Methods


Risk mitigation uses controls to reduce risk. There are three implementation methods: technical, management, and operational.

  • Technical controls use technology (firewall, encryption, antivirus, IDS, and least privilege).
  • Management controls use administrative or management methods.
  • Operational controls are implemented by people in day-to-day operations.

Technical controls use technology to reduce vulnerabilities. Some examples include encryption, antivirus, IDS, and least privilege. Technical physical security and environmental controls include motion detectors and fire suppression systems.


Management controls use planning and assessment to reduce and manage risk. Some examples are risk assessments (quantify and qualify risk within an organization), vulnerability assessments (attempt to discover weaknesses), and penetration tests (exploit the vulnerability).

Operational controls ensure that day-to-day operations comply with the security plan. They deal with people, not technology. Examples: awareness and training, configuration and change management, contingency planning, media protection (flash drives), and physical and environmental protection.

Control Goals 


Preventive controls (before) attempt to prevent security incidents. Hardening systems strengthens a system's basic configuration to prevent incidents. Security guards can prevent unauthorized personnel from entering a secure area. Change management processes help prevent outages from configuration changes. An account disablement policy ensures that accounts are disabled when a user leaves the organization.

Detective controls (after) attempt to detect when vulnerabilities have been exploited. Some examples include log monitoring, trend analysis, security audits, and CCTV systems.

Deterrent controls attempt to discourage a threat. Examples include computer cable locks and hardware locks. When a thief sees a laptop with a cable lock, they will not steal it.

Compensating controls are alternative controls used instead of a primary control. Example: a company hires a person, and the smart card takes about a week to arrive. Employees use the smart card and a PIN to log in to computers. Since the new hire does not have a smart card, the company gives him a temporary hard token. It is still dual-factor authentication.

Door Access Systems



In the event of a fire, door access systems should allow personnel to exit the building without any form of authentication. Access points to data centers and server rooms should be limited to a single entrance and exit whenever possible.


Cipher locks require users to enter a code to gain access. It is important to provide training to users on the importance of keeping the code secure. This includes not giving it out to others and preventing shoulder surfers.


Proximity cards are credit card-sized access cards. Users pass the card near a proximity card reader, and the reader then reads the data on the card. Some access control points use proximity cards with PINs for authentication.


Door access systems include cipher locks, proximity cards, and biometrics. Cipher locks do not identify users. Proximity cards can identify and authenticate users when combined with a PIN. Biometrics can also identify and authenticate users.


Tailgating is a security violation that occurs when one user follows closely behind another without using credentials. Mantraps allow only a single person to pass at a time. Sophisticated mantraps can identify and authenticate individuals before allowing access.


Security guards are physical controls that can protect access to restricted areas. Security guards can be an effective deterrent to prevent tailgating. They can also check individuals' identification against a pre-approved access list.


Video Surveillance provides reliable proof of a person's location and activity. It can identify who enters and exits secure areas and can record theft of assets.


Barricades provide stronger barriers than fences and attempt to deter attackers. Bollards are effective barricades that can block vehicles.


Cable locks are effective threat deterrents for small equipment such as laptops and some workstations. When used properly, they prevent losses due to theft of small equipment.


Locking cabinets in server rooms provide an added physical security measure. A locked cabinet prevents unauthorized access to equipment mounted in server bays.


The principle of least privilege grants a user only the rights (such as installing something) and permissions (such as access to a folder) they need to perform their job. Need to know is similar to the principle of least privilege, but it deals only with data and information, which are protected by permissions (access to a folder) only.










